Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
File:                     56d828bf-81fa-4253-8691-f9c277ca84ba.roa (raw, json)
Hash identifier:          7GN3a9OCjhaybb5aKmPy+ZCzcClpLq9QU1PFWkAmBwM=
Subject key identifier:   DA:2C:8F:89:48:C3:43:40:A3:D6:DC:01:2E:50:2D:7B:46:21:B2:83
Certificate issuer:       /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
Certificate serial:       2313160050AB623110F25E69C85E2CC77872E43D
Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa
Signing time:             Tue 12 Mar 2024 00:00:00 +0000
ROA not before:           Tue 12 Mar 2024 00:00:00 +0000
ROA not after:            Tue 16 Apr 2024 23:59:59 +0000
asID:                     6167
IP address blocks:        155.146.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Fri 29 Mar 2024 12:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:13:16:00:50:ab:62:31:10:f2:5e:69:c8:5e:2c:c7:78:72:e4:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476
        Validity
            Not Before: Mar 12 00:00:00 2024 GMT
            Not After : Apr 16 23:59:59 2024 GMT
        Subject: serialNumber=ebbf3408910e2c8354c92bbd3f583ec8e777dbca24e6a3061ce6ecf9bc9389b9, CN=5f276045-5b9f-45ef-923d-f3fce24a6225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:51:01:e7:24:15:62:fc:96:7a:0c:4c:ac:16:
                    29:4a:5f:a3:e2:76:4d:73:5c:64:d2:84:2e:4b:d5:
                    5e:a4:6e:0d:f3:cb:e0:e2:97:f5:38:3f:fb:56:31:
                    95:1a:f5:7f:50:2b:ab:87:76:8a:03:21:8f:35:54:
                    17:88:46:ff:f6:05:ef:14:28:09:a8:e9:93:a1:88:
                    1b:3d:60:f8:bf:72:04:ba:56:25:46:74:ab:f1:cf:
                    eb:ad:6d:ab:88:6a:f2:bf:c3:1b:14:19:5b:f4:66:
                    6b:54:96:7b:37:9e:90:fe:c9:f7:4e:78:1a:cf:84:
                    7b:8b:04:46:f0:bf:59:5a:54:7a:d1:e2:3c:39:24:
                    90:e5:4c:6a:83:e6:fb:3f:9c:7a:49:8e:3b:e1:ee:
                    0a:b9:39:9c:f7:51:c6:fd:57:0a:02:69:36:c1:3c:
                    d0:e3:49:4c:0e:61:c3:66:64:71:55:a0:72:4e:cf:
                    eb:db:6a:67:e6:ed:46:67:3b:99:01:c7:13:f0:a3:
                    dc:6c:56:93:fe:05:94:0c:04:aa:84:39:36:a5:78:
                    56:7d:7f:c6:10:d1:59:9f:4b:2f:04:72:a9:f6:98:
                    00:d1:eb:74:93:a9:34:59:32:bb:4b:ad:40:dc:7d:
                    68:83:de:fb:4e:23:c8:05:a7:be:a8:92:ac:a5:6c:
                    b4:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:2C:8F:89:48:C3:43:40:A3:D6:DC:01:2E:50:2D:7B:46:21:B2:83
            X509v3 Authority Key Identifier:
                keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/56d828bf-81fa-4253-8691-f9c277ca84ba.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.146.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         0c:75:c8:e8:ba:a8:e7:5d:a2:15:5e:17:1e:7b:1c:3a:28:10:
         65:de:68:b4:da:ab:89:9e:8d:a9:78:9e:e4:2e:6f:d5:a6:16:
         49:13:cb:a4:54:d0:81:94:b3:0e:88:56:5f:0c:e9:ca:49:3a:
         7d:4b:77:c6:8e:f1:70:39:5c:2c:ff:b7:63:f3:66:89:c5:8b:
         b6:37:91:c6:b2:a0:22:b9:b5:7e:73:9b:51:97:2f:b0:71:12:
         41:50:83:a4:77:a9:ee:11:82:93:2c:96:f7:86:a6:73:7a:72:
         0e:45:92:58:7e:60:07:ee:f7:d8:ab:77:c6:84:35:88:2b:be:
         c7:11:65:c5:f6:b2:e0:ed:66:80:c6:03:52:2f:59:20:51:06:
         f1:15:da:dc:7f:5d:ae:45:f9:26:93:85:38:bd:be:b6:2a:f2:
         e8:b9:92:ae:88:77:bd:52:ec:30:95:28:73:c5:75:3c:5c:d4:
         ec:8f:fb:51:cf:e5:b4:49:5d:57:24:75:03:82:5d:dd:2a:45:
         fa:85:8e:38:2d:06:e4:4f:55:ba:ad:98:9e:9e:d4:55:55:00:
         88:1d:97:8e:7c:9a:1b:3e:18:ba:4e:31:4c:0d:c7:2e:d8:fc:
         93:bc:94:16:f0:1b:5c:8d:07:d7:fc:ce:e9:dd:84:e1:cb:e8:
         c0:bd:e6:40
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUIxMWAFCrYjEQ8l5pyF4sx3hy5D0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz
MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjQwMzEyMDAwMDAwWhcNMjQwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYmJmMzQwODkxMGUyYzgzNTRjOTJiYmQzZjU4M2VjOGU3
NzdkYmNhMjRlNmEzMDYxY2U2ZWNmOWJjOTM4OWI5MS0wKwYDVQQDEyQ1ZjI3NjA0
NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKUQHnJBVi/JZ6DEysFilKX6Pidk1zXGTShC5L1V6kbg3z
y+Dil/U4P/tWMZUa9X9QK6uHdooDIY81VBeIRv/2Be8UKAmo6ZOhiBs9YPi/cgS6
ViVGdKvxz+utbauIavK/wxsUGVv0ZmtUlns3npD+yfdOeBrPhHuLBEbwv1laVHrR
4jw5JJDlTGqD5vs/nHpJjjvh7gq5OZz3Ucb9VwoCaTbBPNDjSUwOYcNmZHFVoHJO
z+vbamfm7UZnO5kBxxPwo9xsVpP+BZQMBKqEOTaleFZ9f8YQ0VmfSy8Ecqn2mADR
63STqTRZMrtLrUDcfWiD3vtOI8gFp76okqylbLTbAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU2iyPiUjDQ0Cj1twBLlAte0YhsoMwHwYDVR0jBBgwFoAUJa3TQrAet6WO
rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x
MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk
OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4
MDkwNGU0MmQyLzU2ZDgyOGJmLTgxZmEtNDI1My04NjkxLWY5YzI3N2NhODRiYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz
LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCbkjANBgkqhkiG9w0BAQsFAAOCAQEADHXI6Lqo512iFV4XHnscOigQZd5o
tNqriZ6NqXie5C5v1aYWSRPLpFTQgZSzDohWXwzpykk6fUt3xo7xcDlcLP+3Y/Nm
icWLtjeRxrKgIrm1fnObUZcvsHESQVCDpHep7hGCkyyW94amc3pyDkWSWH5gB+73
2Kt3xoQ1iCu+xxFlxfay4O1mgMYDUi9ZIFEG8RXa3H9drkX5JpOFOL2+tiry6LmS
roh3vVLsMJUoc8V1PFzU7I/7Uc/ltEldVyR1A4Jd3SpF+oWOOC0G5E9Vuq2Ynp7U
VVUAiB2XjnyaGz4Yuk4xTA3HLtj8k7yUFvAbXI0H1/zO6d2E4cvowL3mQA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 01:01:31 2024 by rpki-client on console-fra.rpki-client.org